<!DOCTYPE html><html lang="zh-CN" data-theme="light"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"><title>为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN | TOM BLOG</title><meta name="keywords" content="杂谈,网站,协议,资料整理,前端"><meta name="author" content="Tom"><meta name="copyright" content="Tom"><meta name="format-detection" content="telephone=no"><meta name="theme-color" content="ffffff"><meta name="description" content="深入了解https，ssl加密原理，什么是握手等。">
<meta property="og:type" content="article">
<meta property="og:title" content="为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN">
<meta property="og:url" content="https://www.tomsir.top/2022/08/21/Tompost5/index.html">
<meta property="og:site_name" content="TOM BLOG">
<meta property="og:description" content="深入了解https，ssl加密原理，什么是握手等。">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://pic.rmb.bdstatic.com/bjh/df4abbc5aa599ebc331c51be1c32e580.jpeg">
<meta property="article:published_time" content="2022-08-20T19:29:57.000Z">
<meta property="article:modified_time" content="2022-09-06T15:22:40.859Z">
<meta property="article:author" content="Tom">
<meta property="article:tag" content="杂谈">
<meta property="article:tag" content="网站">
<meta property="article:tag" content="协议">
<meta property="article:tag" content="资料整理">
<meta property="article:tag" content="前端">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://pic.rmb.bdstatic.com/bjh/df4abbc5aa599ebc331c51be1c32e580.jpeg"><link rel="shortcut icon" href="/img/favicon.png"><link rel="canonical" href="https://www.tomsir.top/2022/08/21/Tompost5/"><link rel="preconnect" href="//cdn.jsdelivr.net"/><link rel="preconnect" href="//busuanzi.ibruce.info"/><link rel="stylesheet" href="/css/index.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free/css/all.min.css" media="print" onload="this.media='all'"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.min.css" media="print" onload="this.media='all'"><script>const GLOBAL_CONFIG = { 
  root: '/',
  algolia: {"appId":"M67Q82WUEK","apiKey":"9fba5a4e5393e837ca3733239bd18568","indexName":"tomblog","hits":{"per_page":6},"languages":{"input_placeholder":"搜索文章","hits_empty":"找不到您查询的内容：${query}","hits_stats":"找到 ${hits} 条结果，用时 ${time} 毫秒"}},
  localSearch: undefined,
  translate: undefined,
  noticeOutdate: undefined,
  highlight: {"plugin":"highlighjs","highlightCopy":true,"highlightLang":true,"highlightHeightLimit":false},
  copy: {
    success: '复制成功',
    error: '复制错误',
    noSupport: '浏览器不支持'
  },
  relativeDate: {
    homepage: false,
    post: false
  },
  runtime: '',
  date_suffix: {
    just: '刚刚',
    min: '分钟前',
    hour: '小时前',
    day: '天前',
    month: '个月前'
  },
  copyright: {"limitCount":30,"languages":{"author":"作者: Tom","link":"链接: ","source":"来源: TOM BLOG","info":"著作权归作者所有。商业转载请联系作者获得授权，非商业转载请注明出处。"}},
  lightbox: 'fancybox',
  Snackbar: undefined,
  source: {
    justifiedGallery: {
      js: 'https://cdn.jsdelivr.net/npm/flickr-justified-gallery/dist/fjGallery.min.js',
      css: 'https://cdn.jsdelivr.net/npm/flickr-justified-gallery/dist/fjGallery.min.css'
    }
  },
  isPhotoFigcaption: false,
  islazyload: false,
  isAnchor: false
}</script><script id="config-diff">var GLOBAL_CONFIG_SITE = {
  title: '为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN',
  isPost: true,
  isHome: false,
  isHighlightShrink: false,
  isToc: true,
  postUpdate: '2022-09-06 23:22:40'
}</script><noscript><style type="text/css">
  #nav {
    opacity: 1
  }
  .justified-gallery img {
    opacity: 1
  }

  #recent-posts time,
  #post-meta time {
    display: inline !important
  }
</style></noscript><script>(win=>{
    win.saveToLocal = {
      set: function setWithExpiry(key, value, ttl) {
        if (ttl === 0) return
        const now = new Date()
        const expiryDay = ttl * 86400000
        const item = {
          value: value,
          expiry: now.getTime() + expiryDay,
        }
        localStorage.setItem(key, JSON.stringify(item))
      },

      get: function getWithExpiry(key) {
        const itemStr = localStorage.getItem(key)

        if (!itemStr) {
          return undefined
        }
        const item = JSON.parse(itemStr)
        const now = new Date()

        if (now.getTime() > item.expiry) {
          localStorage.removeItem(key)
          return undefined
        }
        return item.value
      }
    }
  
    win.getScript = url => new Promise((resolve, reject) => {
      const script = document.createElement('script')
      script.src = url
      script.async = true
      script.onerror = reject
      script.onload = script.onreadystatechange = function() {
        const loadState = this.readyState
        if (loadState && loadState !== 'loaded' && loadState !== 'complete') return
        script.onload = script.onreadystatechange = null
        resolve()
      }
      document.head.appendChild(script)
    })
  
      win.activateDarkMode = function () {
        document.documentElement.setAttribute('data-theme', 'dark')
        if (document.querySelector('meta[name="theme-color"]') !== null) {
          document.querySelector('meta[name="theme-color"]').setAttribute('content', '#0d0d0d')
        }
      }
      win.activateLightMode = function () {
        document.documentElement.setAttribute('data-theme', 'light')
        if (document.querySelector('meta[name="theme-color"]') !== null) {
          document.querySelector('meta[name="theme-color"]').setAttribute('content', 'ffffff')
        }
      }
      const t = saveToLocal.get('theme')
    
          if (t === 'dark') activateDarkMode()
          else if (t === 'light') activateLightMode()
        
      const asideStatus = saveToLocal.get('aside-status')
      if (asideStatus !== undefined) {
        if (asideStatus === 'hide') {
          document.documentElement.classList.add('hide-aside')
        } else {
          document.documentElement.classList.remove('hide-aside')
        }
      }
    
    const detectApple = () => {
      if(/iPad|iPhone|iPod|Macintosh/.test(navigator.userAgent)){
        document.documentElement.classList.add('apple')
      }
    }
    detectApple()
    })(window)</script><link rel="stylesheet" href="//at.alicdn.com/t/c/font_3527359_8hfpdch2e1d.css"><!-- hexo injector head_end start --><link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/Zfour/Butterfly-card-history/baiduhistory/css/main.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/Zfour/hexo-electric-clock@1.0.6/clock.css"><link rel="stylesheet" href="https://npm.elemecdn.com/hexo-butterfly-footer-beautify@1.0.0/lib/runtime.css" media="print" onload="this.media='all'"><link rel="stylesheet" href="https://npm.elemecdn.com/hexo-butterfly-swiper/lib/swiper.min.css" media="print" onload="this.media='all'"><link rel="stylesheet" href="https://npm.elemecdn.com/hexo-butterfly-swiper/lib/swiper.min.css" media="print" onload="this.media='all'"><link rel="stylesheet" href="https://npm.elemecdn.com/hexo-butterfly-swiper/lib/swiperstyle.css" media="print" onload="this.media='all'"><!-- hexo injector head_end end --><meta name="generator" content="Hexo 5.4.2"></head><body><div id="loading-box"><div class="loading-left-bg"></div><div class="loading-right-bg"></div><div class="spinner-box"><div class="configure-border-1"><div class="configure-core"></div></div><div class="configure-border-2"><div class="configure-core"></div></div><div class="loading-word">加载中...</div></div></div><div id="sidebar"><div id="menu-mask"></div><div id="sidebar-menus"><div class="avatar-img is-center"><img src="https://pic6.58cdn.com.cn/nowater/webim/big/n_v2de3a253974284261b8f1b1e741aa5cf1.jpg" onerror="onerror=null;src='/img/friend_404.gif'" alt="avatar"/></div><div class="sidebar-site-data site-data is-center"><a href="/archives/"><div class="headline">文章</div><div class="length-num">9</div></a><a href="/tags/"><div class="headline">标签</div><div class="length-num">24</div></a><a href="/categories/"><div class="headline">分类</div><div class="length-num">7</div></a></div><hr/><div class="menus_items"><div class="menus_item"><a class="site-page" href="/"><i class="fa-fw fas fa-home"></i><span> 首页</span></a></div><div class="menus_item"><a class="site-page" href="/archives/"><i class="fa-fw fas fa-archive"></i><span> 时间轴</span></a></div><div class="menus_item"><a class="site-page" href="/tags/"><i class="fa-fw fas fa-tags"></i><span> 标签</span></a></div><div class="menus_item"><a class="site-page" href="/categories/"><i class="fa-fw fas fa-folder-open"></i><span> 分类</span></a></div><div class="menus_item"><a class="site-page group" href="javascript:void(0);"><i class="fa-fw iconfont icon-shiyongwendang"></i><span> 相关文档</span><i class="fas fa-chevron-down"></i></a><ul class="menus_item_child"><li><a class="site-page child" href="/Linux/"><i class="fa-fw iconfont icon-linux"></i><span> 安装脚本使用文档</span></a></li></ul></div><div class="menus_item"><a class="site-page" href="/link/"><i class="fa-fw fas fa-link"></i><span> 友链</span></a></div><div class="menus_item"><a class="site-page" href="/about/"><i class="fa-fw fas fa-heart"></i><span> 关于本站</span></a></div></div></div></div><div class="post" id="body-wrap"><header class="post-bg" id="page-header" style="background-image: url('https://pic.rmb.bdstatic.com/bjh/df4abbc5aa599ebc331c51be1c32e580.jpeg')"><nav id="nav"><span id="blog_name"><a id="site-name" href="/">TOM BLOG</a></span><div id="menus"><div id="search-button"><a class="site-page social-icon search"><i class="fas fa-search fa-fw"></i><span> 搜索</span></a></div><div class="menus_items"><div class="menus_item"><a class="site-page" href="/"><i class="fa-fw fas fa-home"></i><span> 首页</span></a></div><div class="menus_item"><a class="site-page" href="/archives/"><i class="fa-fw fas fa-archive"></i><span> 时间轴</span></a></div><div class="menus_item"><a class="site-page" href="/tags/"><i class="fa-fw fas fa-tags"></i><span> 标签</span></a></div><div class="menus_item"><a class="site-page" href="/categories/"><i class="fa-fw fas fa-folder-open"></i><span> 分类</span></a></div><div class="menus_item"><a class="site-page group" href="javascript:void(0);"><i class="fa-fw iconfont icon-shiyongwendang"></i><span> 相关文档</span><i class="fas fa-chevron-down"></i></a><ul class="menus_item_child"><li><a class="site-page child" href="/Linux/"><i class="fa-fw iconfont icon-linux"></i><span> 安装脚本使用文档</span></a></li></ul></div><div class="menus_item"><a class="site-page" href="/link/"><i class="fa-fw fas fa-link"></i><span> 友链</span></a></div><div class="menus_item"><a class="site-page" href="/about/"><i class="fa-fw fas fa-heart"></i><span> 关于本站</span></a></div></div><div id="toggle-menu"><a class="site-page"><i class="fas fa-bars fa-fw"></i></a></div></div></nav><div id="post-info"><h1 class="post-title">为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN</h1><div id="post-meta"><div class="meta-firstline"><span class="post-meta-date"><i class="far fa-calendar-alt fa-fw post-meta-icon"></i><span class="post-meta-label">发表于</span><time class="post-meta-date-created" datetime="2022-08-20T19:29:57.000Z" title="发表于 2022-08-21 03:29:57">2022-08-21</time><span class="post-meta-separator">|</span><i class="fas fa-history fa-fw post-meta-icon"></i><span class="post-meta-label">更新于</span><time class="post-meta-date-updated" datetime="2022-09-06T15:22:40.859Z" title="更新于 2022-09-06 23:22:40">2022-09-06</time></span><span class="post-meta-categories"><span class="post-meta-separator">|</span><i class="fas fa-inbox fa-fw post-meta-icon"></i><a class="post-meta-categories" href="/categories/web/">web</a></span></div><div class="meta-secondline"><span class="post-meta-separator">|</span><span class="post-meta-wordcount"><i class="far fa-file-word fa-fw post-meta-icon"></i><span class="post-meta-label">字数总计:</span><span class="word-count">4.1k</span><span class="post-meta-separator">|</span><i class="far fa-clock fa-fw post-meta-icon"></i><span class="post-meta-label">阅读时长:</span><span>12分钟</span></span><span class="post-meta-separator">|</span><span class="post-meta-pv-cv" id="" data-flag-title="为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN"><i class="far fa-eye fa-fw post-meta-icon"></i><span class="post-meta-label">阅读量:</span><span id="busuanzi_value_page_pv"><i class="fa-solid fa-spinner fa-spin"></i></span></span></div></div></div></header><main class="layout" id="content-inner"><div id="post"><article class="post-content" id="article-container"><p>HTTPS（SSL/TLS）的加密机制虽然是大家都应了解的基本知识，但网上很多相关文章总会忽略一些内容，没有阐明完整的逻辑脉络，我当年学习它的时候也废了挺大功夫。</p>
<p>对称与非对称加密、数字签名、数字证书等，在学习过程中，除了了解“它是什么”，你是否有想过“为什么是它”？我认为理解了后者才真正理解了 HTTPS 的加密机制。</p>
<p>本文以问题的形式逐步展开，一步步解开 HTTPS 的面纱，希望能帮助你彻底搞懂 HTTPS。</p>
<h2 id="为什么需要加密？"><a href="#为什么需要加密？" class="headerlink" title="为什么需要加密？"></a><strong>为什么需要加密？</strong></h2><p>因为 http 的内容是明文传输的，明文数据会经过中间代理服务器、路由器、wifi 热点、通信服务运营商等多个物理节点，如果信息在传输过程中被劫持，传输的内容就完全暴露了。劫持者还可以篡改传输的信息且不被双方察觉，这就是<code>中间人攻击</code>。所以我们才需要对信息进行加密。最容易理解的就是<code>对称加密</code> 。</p>
<h2 id="什么是对称加密？"><a href="#什么是对称加密？" class="headerlink" title="什么是对称加密？"></a><strong>什么是对称加密？</strong></h2><p>简单说就是有一个密钥，它可以加密一段信息，也可以对加密后的信息进行解密，和我们日常生活中用的钥匙作用差不多。</p>
<p><a target="_blank" rel="noopener" href="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/1.jpg"><img src="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/1.jpg" alt="img"></a>对称加密（<a target="_blank" rel="noopener" href="https://sectigostore.com/blog/types-of-encryption-what-to-know-about-symmetric-vs-asymmetric-encryption/%EF%BC%89">https://sectigostore.com/blog/types-of-encryption-what-to-know-about-symmetric-vs-asymmetric-encryption/）</a></p>
<h2 id="用对称加密可行吗？"><a href="#用对称加密可行吗？" class="headerlink" title="用对称加密可行吗？"></a><strong>用对称加密可行吗？</strong></h2><p><strong>如果通信双方都各自持有同一个密钥，且没有别人知道，这两方的通信安全当然是可以被保证的（除非密钥被破解）。</strong></p>
<p>然而最大的问题就是<strong>这个密钥怎么让传输的双方知晓，同时不被别人知道</strong>。如果由服务器生成一个密钥并传输给浏览器，那在这个传输过程中密钥被别人劫持到手了怎么办？之后他就能用密钥解开双方传输的任何内容了，所以这么做当然不行。</p>
<p>换种思路？试想一下，如果浏览器内部就预存了网站 A 的密钥，且可以确保除了浏览器和网站 A，不会有任何外人知道该密钥，那理论上用对称加密是可以的，这样浏览器只要预存好世界上所有 HTTPS 网站的密钥就行了！这么做显然不现实。<br>怎么办？所以我们就需要<code>非对称加密</code> 。</p>
<h2 id="什么是非对称加密？"><a href="#什么是非对称加密？" class="headerlink" title="什么是非对称加密？"></a><strong>什么是非对称加密？</strong></h2><p>简单说就是有两把密钥，通常一把叫做公钥、一把叫私钥，用公钥加密的内容必须用私钥才能解开，同样，私钥加密的内容只有公钥能解开。</p>
<p><a target="_blank" rel="noopener" href="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/2.jpg"><img src="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/2.jpg" alt="img"></a>非对称加密（<a target="_blank" rel="noopener" href="https://sectigostore.com/blog/types-of-encryption-what-to-know-about-symmetric-vs-asymmetric-encryption/%EF%BC%89">https://sectigostore.com/blog/types-of-encryption-what-to-know-about-symmetric-vs-asymmetric-encryption/）</a></p>
<h2 id="用非对称加密可行吗？"><a href="#用非对称加密可行吗？" class="headerlink" title="用非对称加密可行吗？"></a>用非对称加密可行吗？</h2><p>鉴于非对称加密的机制，我们可能会有这种思路：服务器先把公钥以明文方式传输给浏览器，之后浏览器向服务器传数据前都先用这个公钥加密好再传，这条数据的安全似乎可以保障了！<strong>因为只有服务器有相应的私钥能解开公钥加密的数据</strong>。</p>
<p>然而反过来<strong>由服务器到浏览器的这条路怎么保障安全？</strong>如果服务器用它的私钥加密数据传给浏览器，那么浏览器用公钥可以解密它，而这个公钥是一开始通过明文传输给浏览器的，若这个公钥被中间人劫持到了，那他也能用该公钥解密服务器传来的信息了。所以<strong>目前似乎只能保证由浏览器向服务器传输数据的安全性</strong>（其实仍有漏洞，下文会说），那利用这点你能想到什么解决方案吗？</p>
<h2 id="改良的非对称加密方案，似乎可以？"><a href="#改良的非对称加密方案，似乎可以？" class="headerlink" title="改良的非对称加密方案，似乎可以？"></a><strong>改良的非对称加密方案，似乎可以？</strong></h2><p>我们已经理解通过一组公钥私钥，可以保证单个方向传输的安全性，那用两组公钥私钥，是否就能保证双向传输都安全了？请看下面的过程：</p>
<ol>
<li>某网站服务器拥有公钥 A 与对应的私钥 A’；浏览器拥有公钥 B 与对应的私钥 B’。</li>
<li>浏览器把公钥 B 明文传输给服务器。</li>
<li>服务器把公钥 A 明文给传输浏览器。</li>
<li>之后浏览器向服务器传输的内容都用公钥 A 加密，服务器收到后用私钥 A’解密。由于只有服务器拥有私钥 A’，所以能保证这条数据的安全。</li>
<li>同理，服务器向浏览器传输的内容都用公钥 B 加密，浏览器收到后用私钥 B’解密。同上也可以保证这条数据的安全。</li>
</ol>
<p>的确可以！抛开这里面仍有的漏洞不谈（下文会讲），HTTPS 的加密却没使用这种方案，为什么？很重要的原因是非对称加密算法非常耗时，而对称加密快很多。那我们能不能运用非对称加密的特性解决前面提到的对称加密的漏洞？</p>
<h2 id="非对称加密-对称加密？"><a href="#非对称加密-对称加密？" class="headerlink" title="非对称加密+对称加密？"></a><strong>非对称加密+对称加密？</strong></h2><p>既然非对称加密耗时，那非对称加密+对称加密结合可以吗？而且得尽量减少非对称加密的次数。当然是可以的，且非对称加密、解密各只需用一次即可。<br>请看一下这个过程：</p>
<ol>
<li>某网站拥有用于非对称加密的公钥 A、私钥 A’。</li>
<li>浏览器向网站服务器请求，服务器把公钥 A 明文给传输浏览器。</li>
<li>浏览器随机生成一个用于对称加密的密钥 X，用公钥 A 加密后传给服务器。</li>
<li>服务器拿到后用私钥 A’解密得到密钥 X。</li>
<li>这样双方就都拥有密钥 X 了，且别人无法知道它。之后双方所有数据都通过密钥 X 加密解密即可。</li>
</ol>
<p>完美！HTTPS 基本就是采用了这种方案。完美？还是有漏洞的。</p>
<h2 id="中间人攻击"><a href="#中间人攻击" class="headerlink" title="中间人攻击"></a><strong>中间人攻击</strong></h2><p><a target="_blank" rel="noopener" href="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/3.jpg"><img src="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/3.jpg" alt="img"></a>中间人攻击（<a target="_blank" rel="noopener" href="https://blog.pradeo.com/man-in-the-middle-attack%EF%BC%89">https://blog.pradeo.com/man-in-the-middle-attack）</a></p>
<p>如果在数据传输过程中，中间人劫持到了数据，此时他的确无法得到浏览器生成的密钥 X，这个密钥本身被公钥 A 加密了，只有服务器才有私钥 A’解开它，然而中间人却完全不需要拿到私钥 A’就能干坏事了。请看：</p>
<ol>
<li>某网站有用于非对称加密的公钥 A、私钥 A’。</li>
<li>浏览器向网站服务器请求，服务器把公钥 A 明文给传输浏览器。</li>
<li><strong>中间人劫持到公钥 A，保存下来，把数据包中的公钥 A 替换成自己伪造的公钥 B（它当然也拥有公钥 B 对应的私钥 B’）</strong>。</li>
<li>浏览器生成一个用于对称加密的密钥 X，用<strong>公钥 B</strong>（浏览器无法得知公钥被替换了）加密后传给服务器。</li>
<li><strong>中间人劫持后用私钥 B’解密得到密钥 X，再用公钥 A 加密后传给服务器</strong>。</li>
<li>服务器拿到后用私钥 A’解密得到密钥 X。</li>
</ol>
<p>这样在双方都不会发现异常的情况下，中间人通过一套“狸猫换太子”的操作，掉包了服务器传来的公钥，进而得到了密钥 X。<strong>根本原因是浏览器无法确认收到的公钥是不是网站自己的，</strong>因为公钥本身是明文传输的，难道还得对公钥的传输进行加密？这似乎变成鸡生蛋、蛋生鸡的问题了。解法是什么？</p>
<h2 id="如何证明浏览器收到的公钥一定是该网站的公钥？"><a href="#如何证明浏览器收到的公钥一定是该网站的公钥？" class="headerlink" title="如何证明浏览器收到的公钥一定是该网站的公钥？"></a><strong>如何证明浏览器收到的公钥一定是该网站的公钥？</strong></h2><p>其实所有证明的源头都是一条或多条不证自明的“公理”（可以回想一下数学上公理），由它推导出一切。比如现实生活中，若想证明某身份证号一定是小明的，可以看他身份证，而身份证是由政府作证的，这里的“公理”就是“政府机构可信”，这也是社会正常运作的前提。</p>
<p>那能不能类似地有个机构充当互联网世界的“公理”呢？让它作为一切证明的源头，给网站颁发一个“身份证”？</p>
<p>它就是<strong>CA 机构</strong>，它是如今互联网世界正常运作的前提，而 CA 机构颁发的“身份证”就是<strong>数字证书</strong>。</p>
<h2 id="数字证书"><a href="#数字证书" class="headerlink" title="数字证书"></a><strong>数字证书</strong></h2><p><a target="_blank" rel="noopener" href="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/4.jpg"><img src="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/4.jpg" alt="img"></a></p>
<p>网站在使用 HTTPS 前，需要向<strong>CA 机构</strong>申领一份<strong>数字证书</strong>，数字证书里含有证书持有者信息、公钥信息等。服务器把证书传输给浏览器，浏览器从证书里获取公钥就行了，证书就如身份证，证明“该公钥对应该网站”。而这里又有一个显而易见的问题，“<strong>证书本身的传输过程中，如何防止被篡改”</strong>？即如何证明证书本身的真实性？身份证运用了一些防伪技术，而数字证书怎么防伪呢？解决这个问题我们就接近胜利了！</p>
<h2 id="如何放防止数字证书被篡改？"><a href="#如何放防止数字证书被篡改？" class="headerlink" title="如何放防止数字证书被篡改？"></a><strong>如何放防止数字证书被篡改？</strong></h2><p>我们把证书原本的内容生成一份“签名”，比对证书内容和签名是否一致就能判别是否被篡改。这就是数字证书的“防伪技术”，这里的“签名”就叫<code>数字签名</code>：</p>
<h2 id="数字签名"><a href="#数字签名" class="headerlink" title="数字签名"></a><strong>数字签名</strong></h2><p>这部分内容建议看下图并结合后面的文字理解，图中左侧是数字签名的制作过程，右侧是验证过程：</p>
<p><a target="_blank" rel="noopener" href="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/5.jpg"><img src="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/5.jpg" alt="img"></a>数字签名的生成与验证（<a target="_blank" rel="noopener" href="https://cheapsslsecurity.com/blog/digital-signature-vs-digital-certificate-the-difference-explained/%EF%BC%89">https://cheapsslsecurity.com/blog/digital-signature-vs-digital-certificate-the-difference-explained/）</a></p>
<p>数字签名的制作过程：</p>
<ol>
<li>CA 机构拥有非对称加密的私钥和公钥。</li>
<li>CA 机构对证书明文数据 T 进行 hash。</li>
<li>对 hash 后的值用私钥加密，得到数字签名 S。</li>
</ol>
<p>明文和数字签名共同组成了数字证书，这样一份数字证书就可以颁发给网站了。<br>那浏览器拿到服务器传来的数字证书后，如何验证它是不是真的？（有没有被篡改、掉包）</p>
<p>浏览器验证过程：</p>
<ol>
<li>拿到证书，得到明文 T，签名 S。</li>
<li>用 CA 机构的公钥对 S 解密（由于是浏览器信任的机构，所以浏览器保有它的公钥。详情见下文），得到 S’。</li>
<li>用证书里指明的 hash 算法对明文 T 进行 hash 得到 T’。</li>
<li>显然通过以上步骤，T’应当等于 S‘，除非明文或签名被篡改。所以此时比较 S’是否等于 T’，等于则表明证书可信。</li>
</ol>
<p>为何么这样可以保证证书可信呢？我们来仔细想一下。</p>
<h2 id="中间人有可能篡改该证书吗？"><a href="#中间人有可能篡改该证书吗？" class="headerlink" title="中间人有可能篡改该证书吗？"></a><strong>中间人有可能篡改该证书吗？</strong></h2><p>假设中间人篡改了证书的原文，由于他没有 CA 机构的私钥，所以无法得到此时加密后签名，无法相应地篡改签名。浏览器收到该证书后会发现原文和签名解密后的值不一致，则说明证书已被篡改，证书不可信，从而终止向服务器传输信息，防止信息泄露给中间人。</p>
<p>既然不可能篡改，那整个证书被掉包呢？</p>
<h2 id="中间人有可能把证书掉包吗？"><a href="#中间人有可能把证书掉包吗？" class="headerlink" title="中间人有可能把证书掉包吗？"></a><strong>中间人有可能把证书掉包吗？</strong></h2><p>假设有另一个网站 B 也拿到了 CA 机构认证的证书，它想劫持网站 A 的信息。于是它成为中间人拦截到了 A 传给浏览器的证书，然后替换成自己的证书，传给浏览器，之后浏览器就会错误地拿到 B 的证书里的公钥了，这确实会导致上文“中间人攻击”那里提到的漏洞？</p>
<p>其实这并不会发生，因为证书里包含了网站 A 的信息，包括域名，浏览器把证书里的域名与自己请求的域名比对一下就知道有没有被掉包了。</p>
<h2 id="为什么制作数字签名时需要-hash-一次？"><a href="#为什么制作数字签名时需要-hash-一次？" class="headerlink" title="为什么制作数字签名时需要 hash 一次？"></a><strong>为什么制作数字签名时需要 hash 一次？</strong></h2><p>我初识 HTTPS 的时候就有这个疑问，因为似乎那里的 hash 有点多余，把 hash 过程去掉也能保证证书没有被篡改。</p>
<p>最显然的是性能问题，前面我们已经说了非对称加密效率较差，证书信息一般较长，比较耗时。而 hash 后得到的是固定长度的信息（比如用 md5 算法 hash 后可以得到固定的 128 位的值），这样加解密就快很多。</p>
<p>当然也有安全上的原因，这部分内容相对深一些，感兴趣的可以看这篇解答：<a target="_blank" rel="noopener" href="https://crypto.stackexchange.com/a/12780">crypto.stackexchange.com/a/12780</a></p>
<h2 id="怎么证明-CA-机构的公钥是可信的？"><a href="#怎么证明-CA-机构的公钥是可信的？" class="headerlink" title="怎么证明 CA 机构的公钥是可信的？"></a><strong>怎么证明 CA 机构的公钥是可信的？</strong></h2><p>你们可能会发现上文中说到 CA 机构的公钥，我几乎一笔带过，“浏览器保有它的公钥”，这是个什么保有法？怎么证明这个公钥是否可信？</p>
<p>让我们回想一下数字证书到底是干啥的？没错，为了证明某公钥是可信的，即“该公钥是否对应该网站”，那 CA 机构的公钥是否也可以用数字证书来证明？没错，操作系统、浏览器本身会预装一些它们信任的根证书，如果其中会有 CA 机构的根证书，这样就可以拿到它对应的可信公钥了。</p>
<p>实际上证书之间的认证也可以不止一层，可以 A 信任 B，B 信任 C，以此类推，我们把它叫做<code>信任链</code>或<code>数字证书链</code>。也就是一连串的数字证书，由根证书为起点，透过层层信任，使终端实体证书的持有者可以获得转授的信任，以证明身份。</p>
<p>另外，不知你们是否遇到过网站访问不了、提示需安装证书的情况？这里安装的就是根证书。说明浏览器不认给这个网站颁发证书的机构，那么你就得手动下载安装该机构的根证书（风险自己承担 XD）。安装后，你就有了它的公钥，就可以用它验证服务器发来的证书是否可信了。</p>
<p><a target="_blank" rel="noopener" href="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/6.jpg"><img src="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/6.jpg" alt="img"></a>信任链（<a target="_blank" rel="noopener" href="https://publib.boulder.ibm.com/tividd/td/TRM/GC32-1323-00/en_US/HTML/admin230.htm%EF%BC%89">https://publib.boulder.ibm.com/tividd/td/TRM/GC32-1323-00/en_US/HTML/admin230.htm）</a></p>
<h2 id="每次进行-HTTPS-请求时都必须在-SSL-TLS-层进行握手传输密钥吗？"><a href="#每次进行-HTTPS-请求时都必须在-SSL-TLS-层进行握手传输密钥吗？" class="headerlink" title="每次进行 HTTPS 请求时都必须在 SSL/TLS 层进行握手传输密钥吗？"></a><strong>每次进行 HTTPS 请求时都</strong>必须<strong>在 SSL/TLS 层进行握手传输密钥吗？</strong></h2><p>这也是我当时的困惑之一，显然每次请求都经历一次密钥传输过程非常耗时，那怎么达到只传输一次呢？</p>
<p>服务器会为每个浏览器（或客户端软件）维护一个 session ID，在 TLS 握手阶段传给浏览器，浏览器生成好密钥传给服务器后，服务器会把该密钥存到相应的 session ID 下，之后浏览器每次请求都会携带 session ID，服务器会根据 session ID 找到相应的密钥并进行解密加密操作，这样就不必要每次重新制作、传输密钥了！</p>
<h2 id="总结"><a href="#总结" class="headerlink" title="总结"></a><strong>总结</strong></h2><p>可以看下这张图，梳理一下整个流程（SSL、TLS 握手有一些区别，不同版本间也有区别，不过大致过程就是这样）：</p>
<p><a target="_blank" rel="noopener" href="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/7.jpg"><img src="https://cdn.cbd.int/anzhiyu-blog@latest/img/post/https/7.jpg" alt="img"></a></p>
<p>（<a target="_blank" rel="noopener" href="http://www.extremetech.com)/">www.extremetech.com）</a></p>
<p>至此，我们已自上而下地打通了 HTTPS 加密的整体脉络以及核心知识点，不知你是否真正搞懂了 HTTPS 呢？<br>找几个时间，多看、多想、多理解几次就会越来越清晰的！<br>那么，下面的问题你是否已经可以解答了呢？</p>
<ol>
<li>为什么要用对称加密+非对称加密？</li>
<li>为什么不能只用非对称加密？</li>
<li>为什么需要数字证书？</li>
<li>为什么需要数字签名？<br>…</li>
</ol>
<p>当然，由于篇幅和能力所限，一些更深入的内容没有覆盖到。但我认为一般对于前后端开发人员来说，了解到这步就够了，有兴趣的可以再深入研究~如有疏漏之处，欢迎指出。</p>
<blockquote>
<p>本文为博主从网络中整理到的比较好的文章，可用让我们深刻的认识什么是SSL</p>
</blockquote>
<iframe frameborder="no" border="0" marginwidth="0" marginheight="0" width=330 height=86 src="//music.163.com/outchain/player?type=2&id=1336575693&auto=1&height=66"></iframe>

<h1 style="color: red; font-size:20px;text-align:center; padding:0;margin:0;">整理不易，且行且珍惜。</h1>
</article><div class="post-copyright"><div class="post-copyright__author"><span class="post-copyright-meta">文章作者: </span><span class="post-copyright-info"><a href="https://www.Tomsir.top">Tom</a></span></div><div class="post-copyright__type"><span class="post-copyright-meta">文章链接: </span><span class="post-copyright-info"><a href="https://www.tomsir.top/2022/08/21/Tompost5/">https://www.tomsir.top/2022/08/21/Tompost5/</a></span></div><div class="post-copyright__notice"><span class="post-copyright-meta">版权声明: </span><span class="post-copyright-info">本博客所有文章除特别声明外，均采用 <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/" target="_blank">CC BY-NC-SA 4.0</a> 许可协议。转载请注明来自 <a href="https://www.Tomsir.top" target="_blank">TOM BLOG</a>！</span></div></div><div class="tag_share"><div class="post-meta__tag-list"><a class="post-meta__tags" href="/tags/%E6%9D%82%E8%B0%88/">杂谈</a><a class="post-meta__tags" href="/tags/%E7%BD%91%E7%AB%99/">网站</a><a class="post-meta__tags" href="/tags/%E5%8D%8F%E8%AE%AE/">协议</a><a class="post-meta__tags" href="/tags/%E8%B5%84%E6%96%99%E6%95%B4%E7%90%86/">资料整理</a><a class="post-meta__tags" href="/tags/%E5%89%8D%E7%AB%AF/">前端</a></div><div class="post_share"><div class="social-share" data-image="https://pic.rmb.bdstatic.com/bjh/df4abbc5aa599ebc331c51be1c32e580.jpeg" data-sites="facebook,twitter,wechat,weibo,qq"></div><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/butterfly-extsrc/sharejs/dist/css/share.min.css" media="print" onload="this.media='all'"><script src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/sharejs/dist/js/social-share.min.js" defer></script></div></div><div class="post-reward"><div class="reward-button"><i class="fas fa-qrcode"></i> 打赏</div><div class="reward-main"><ul class="reward-all"><li class="reward-item"><a href="https://pic.rmb.bdstatic.com/bjh/1603c4a0bf144b8296f2870dc120f5e4.jpeg" target="_blank"><img class="post-qr-code-img" src="https://pic.rmb.bdstatic.com/bjh/1603c4a0bf144b8296f2870dc120f5e4.jpeg" alt="推荐使用支付宝"/></a><div class="post-qr-code-desc">推荐使用支付宝</div></li></ul></div></div><nav class="pagination-post" id="pagination"><div class="prev-post pull-left"><a href="/2022/09/06/Tompost8/"><img class="prev-cover" src="https://gimg2.baidu.com/image_search/src=http%3A%2F%2Fss2.meipian.me%2Fusers%2F60316599%2Feb661400-2bd7-11ea-9c18-19e1c331991e.png%3Fmeipian-raw%2Fbucket%2Fivwen%2Fkey%2FdXNlcnMvNjAzMTY1OTkvZWI2NjE0MDAtMmJkNy0xMWVhLTljMTgtMTllMWMzMzE5OTFlLnBuZw%3D%3D%2Fsign%2Fbe170899efe4bb6a194791b0573f947e.jpg&amp;refer=http%3A%2F%2Fss2.meipian.me&amp;app=2002&amp;size=f9999,10000&amp;q=a80&amp;n=0&amp;g=0n&amp;fmt=auto?sec=1665068039&amp;t=d0985dd7a1ca9ef4b6a14e3ca1e86759" onerror="onerror=null;src='/img/404.jpg'" alt="cover of previous post"><div class="pagination-info"><div class="label">上一篇</div><div class="prev_info">Python常用组件、命令大总结(转自CSDN收费资源)</div></div></a></div><div class="next-post pull-right"><a href="/2022/08/21/Tompost7/"><img class="next-cover" src="https://pic.rmb.bdstatic.com/bjh/a94d99854b04dac78acf111ad32c5b53.png" onerror="onerror=null;src='/img/404.jpg'" alt="cover of next post"><div class="pagination-info"><div class="label">下一篇</div><div class="next_info">Vue实现用户名输入首字母检查</div></div></a></div></nav><div class="relatedPosts"><div class="headline"><i class="fas fa-thumbs-up fa-fw"></i><span>相关推荐</span></div><div class="relatedPosts-list"><div><a href="/2022/08/21/Tompost4/" title="NPM可用CDN整理和换源方法"><img class="cover" src="https://pic.rmb.bdstatic.com/bjh/d3b0a8a2a5ea2a338d913e2b86987894.jpeg" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2022-08-21</div><div class="title">NPM可用CDN整理和换源方法</div></div></a></div><div><a href="/2022/08/21/Tompost7/" title="Vue实现用户名输入首字母检查"><img class="cover" src="https://pic.rmb.bdstatic.com/bjh/a94d99854b04dac78acf111ad32c5b53.png" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2022-08-21</div><div class="title">Vue实现用户名输入首字母检查</div></div></a></div><div><a href="/2022/08/21/Tompost6/" title="Vue中常用的修饰符"><img class="cover" src="https://pic.rmb.bdstatic.com/bjh/d94a85b170b2641b3c3f456a3b95351b.png" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2022-08-21</div><div class="title">Vue中常用的修饰符</div></div></a></div></div></div><hr/><div id="post-comment"><div class="comment-head"><div class="comment-headline"><i class="fas fa-comments fa-fw"></i><span> 评论</span></div></div><div class="comment-wrap"><div><div id="gitalk-container"></div></div></div></div></div><div class="aside-content" id="aside-content"><div class="card-widget card-info"><div class="is-center"><div class="avatar-img"><img src="https://pic6.58cdn.com.cn/nowater/webim/big/n_v2de3a253974284261b8f1b1e741aa5cf1.jpg" onerror="this.onerror=null;this.src='/img/friend_404.gif'" alt="avatar"/></div><div class="author-info__name">Tom</div><div class="author-info__description">以他人为镜，以自身为尺。</div></div><div class="card-info-data site-data is-center"><a href="/archives/"><div class="headline">文章</div><div class="length-num">9</div></a><a href="/tags/"><div class="headline">标签</div><div class="length-num">24</div></a><a href="/categories/"><div class="headline">分类</div><div class="length-num">7</div></a></div><a id="card-info-btn" target="_blank" rel="noopener" href="https://qm.qq.com/cgi-bin/qm/qr?k=58ymKBM4HiQT8XFSaCbYJa0qEuJKZEqt&amp;noverify=0"><i class="fab fa-qq"></i><span>Contact Me</span></a></div><div class="card-widget card-announcement"><div class="item-headline"><i class="fas fa-bullhorn fa-shake"></i><span>公告</span></div><div class="announcement_content">博客基本功能已经完善。文章持续更新中........</div></div><div class="sticky_layout"><div class="card-widget" id="card-toc"><div class="item-headline"><i class="fas fa-stream"></i><span>目录</span><span class="toc-percentage"></span></div><div class="toc-content"><ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#%E4%B8%BA%E4%BB%80%E4%B9%88%E9%9C%80%E8%A6%81%E5%8A%A0%E5%AF%86%EF%BC%9F"><span class="toc-number">1.</span> <span class="toc-text">为什么需要加密？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E4%BB%80%E4%B9%88%E6%98%AF%E5%AF%B9%E7%A7%B0%E5%8A%A0%E5%AF%86%EF%BC%9F"><span class="toc-number">2.</span> <span class="toc-text">什么是对称加密？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%94%A8%E5%AF%B9%E7%A7%B0%E5%8A%A0%E5%AF%86%E5%8F%AF%E8%A1%8C%E5%90%97%EF%BC%9F"><span class="toc-number">3.</span> <span class="toc-text">用对称加密可行吗？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E4%BB%80%E4%B9%88%E6%98%AF%E9%9D%9E%E5%AF%B9%E7%A7%B0%E5%8A%A0%E5%AF%86%EF%BC%9F"><span class="toc-number">4.</span> <span class="toc-text">什么是非对称加密？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%94%A8%E9%9D%9E%E5%AF%B9%E7%A7%B0%E5%8A%A0%E5%AF%86%E5%8F%AF%E8%A1%8C%E5%90%97%EF%BC%9F"><span class="toc-number">5.</span> <span class="toc-text">用非对称加密可行吗？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%94%B9%E8%89%AF%E7%9A%84%E9%9D%9E%E5%AF%B9%E7%A7%B0%E5%8A%A0%E5%AF%86%E6%96%B9%E6%A1%88%EF%BC%8C%E4%BC%BC%E4%B9%8E%E5%8F%AF%E4%BB%A5%EF%BC%9F"><span class="toc-number">6.</span> <span class="toc-text">改良的非对称加密方案，似乎可以？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E9%9D%9E%E5%AF%B9%E7%A7%B0%E5%8A%A0%E5%AF%86-%E5%AF%B9%E7%A7%B0%E5%8A%A0%E5%AF%86%EF%BC%9F"><span class="toc-number">7.</span> <span class="toc-text">非对称加密+对称加密？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E4%B8%AD%E9%97%B4%E4%BA%BA%E6%94%BB%E5%87%BB"><span class="toc-number">8.</span> <span class="toc-text">中间人攻击</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E5%A6%82%E4%BD%95%E8%AF%81%E6%98%8E%E6%B5%8F%E8%A7%88%E5%99%A8%E6%94%B6%E5%88%B0%E7%9A%84%E5%85%AC%E9%92%A5%E4%B8%80%E5%AE%9A%E6%98%AF%E8%AF%A5%E7%BD%91%E7%AB%99%E7%9A%84%E5%85%AC%E9%92%A5%EF%BC%9F"><span class="toc-number">9.</span> <span class="toc-text">如何证明浏览器收到的公钥一定是该网站的公钥？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%95%B0%E5%AD%97%E8%AF%81%E4%B9%A6"><span class="toc-number">10.</span> <span class="toc-text">数字证书</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E5%A6%82%E4%BD%95%E6%94%BE%E9%98%B2%E6%AD%A2%E6%95%B0%E5%AD%97%E8%AF%81%E4%B9%A6%E8%A2%AB%E7%AF%A1%E6%94%B9%EF%BC%9F"><span class="toc-number">11.</span> <span class="toc-text">如何放防止数字证书被篡改？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%95%B0%E5%AD%97%E7%AD%BE%E5%90%8D"><span class="toc-number">12.</span> <span class="toc-text">数字签名</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E4%B8%AD%E9%97%B4%E4%BA%BA%E6%9C%89%E5%8F%AF%E8%83%BD%E7%AF%A1%E6%94%B9%E8%AF%A5%E8%AF%81%E4%B9%A6%E5%90%97%EF%BC%9F"><span class="toc-number">13.</span> <span class="toc-text">中间人有可能篡改该证书吗？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E4%B8%AD%E9%97%B4%E4%BA%BA%E6%9C%89%E5%8F%AF%E8%83%BD%E6%8A%8A%E8%AF%81%E4%B9%A6%E6%8E%89%E5%8C%85%E5%90%97%EF%BC%9F"><span class="toc-number">14.</span> <span class="toc-text">中间人有可能把证书掉包吗？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E4%B8%BA%E4%BB%80%E4%B9%88%E5%88%B6%E4%BD%9C%E6%95%B0%E5%AD%97%E7%AD%BE%E5%90%8D%E6%97%B6%E9%9C%80%E8%A6%81-hash-%E4%B8%80%E6%AC%A1%EF%BC%9F"><span class="toc-number">15.</span> <span class="toc-text">为什么制作数字签名时需要 hash 一次？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%80%8E%E4%B9%88%E8%AF%81%E6%98%8E-CA-%E6%9C%BA%E6%9E%84%E7%9A%84%E5%85%AC%E9%92%A5%E6%98%AF%E5%8F%AF%E4%BF%A1%E7%9A%84%EF%BC%9F"><span class="toc-number">16.</span> <span class="toc-text">怎么证明 CA 机构的公钥是可信的？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%AF%8F%E6%AC%A1%E8%BF%9B%E8%A1%8C-HTTPS-%E8%AF%B7%E6%B1%82%E6%97%B6%E9%83%BD%E5%BF%85%E9%A1%BB%E5%9C%A8-SSL-TLS-%E5%B1%82%E8%BF%9B%E8%A1%8C%E6%8F%A1%E6%89%8B%E4%BC%A0%E8%BE%93%E5%AF%86%E9%92%A5%E5%90%97%EF%BC%9F"><span class="toc-number">17.</span> <span class="toc-text">每次进行 HTTPS 请求时都必须在 SSL&#x2F;TLS 层进行握手传输密钥吗？</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%80%BB%E7%BB%93"><span class="toc-number">18.</span> <span class="toc-text">总结</span></a></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link"><span class="toc-number"></span> <span class="toc-text">整理不易，且行且珍惜。</span></a></div></div><div class="card-widget card-recent-post"><div class="item-headline"><i class="fas fa-history"></i><span>最新文章</span></div><div class="aside-list"><div class="aside-list-item"><a class="thumbnail" href="/2022/12/18/Tompost9/" title="Linux运行javac无法找到此命令，运行class文件显示无法加载类"><img src="https://pic3.58cdn.com.cn/nowater/webim/big/n_v202b47709aefb4d7a96409b0094ec9233.jpg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Linux运行javac无法找到此命令，运行class文件显示无法加载类"/></a><div class="content"><a class="title" href="/2022/12/18/Tompost9/" title="Linux运行javac无法找到此命令，运行class文件显示无法加载类">Linux运行javac无法找到此命令，运行class文件显示无法加载类</a><time datetime="2022-12-18T15:29:57.000Z" title="发表于 2022-12-18 23:29:57">2022-12-18</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/2022/09/06/Tompost8/" title="Python常用组件、命令大总结(转自CSDN收费资源)"><img src="https://gimg2.baidu.com/image_search/src=http%3A%2F%2Fss2.meipian.me%2Fusers%2F60316599%2Feb661400-2bd7-11ea-9c18-19e1c331991e.png%3Fmeipian-raw%2Fbucket%2Fivwen%2Fkey%2FdXNlcnMvNjAzMTY1OTkvZWI2NjE0MDAtMmJkNy0xMWVhLTljMTgtMTllMWMzMzE5OTFlLnBuZw%3D%3D%2Fsign%2Fbe170899efe4bb6a194791b0573f947e.jpg&amp;refer=http%3A%2F%2Fss2.meipian.me&amp;app=2002&amp;size=f9999,10000&amp;q=a80&amp;n=0&amp;g=0n&amp;fmt=auto?sec=1665068039&amp;t=d0985dd7a1ca9ef4b6a14e3ca1e86759" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Python常用组件、命令大总结(转自CSDN收费资源)"/></a><div class="content"><a class="title" href="/2022/09/06/Tompost8/" title="Python常用组件、命令大总结(转自CSDN收费资源)">Python常用组件、命令大总结(转自CSDN收费资源)</a><time datetime="2022-09-05T19:29:57.000Z" title="发表于 2022-09-06 03:29:57">2022-09-06</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/2022/08/21/Tompost5/" title="为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN"><img src="https://pic.rmb.bdstatic.com/bjh/df4abbc5aa599ebc331c51be1c32e580.jpeg" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN"/></a><div class="content"><a class="title" href="/2022/08/21/Tompost5/" title="为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN">为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN</a><time datetime="2022-08-20T19:29:57.000Z" title="发表于 2022-08-21 03:29:57">2022-08-21</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/2022/08/21/Tompost7/" title="Vue实现用户名输入首字母检查"><img src="https://pic.rmb.bdstatic.com/bjh/a94d99854b04dac78acf111ad32c5b53.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Vue实现用户名输入首字母检查"/></a><div class="content"><a class="title" href="/2022/08/21/Tompost7/" title="Vue实现用户名输入首字母检查">Vue实现用户名输入首字母检查</a><time datetime="2022-08-20T19:29:57.000Z" title="发表于 2022-08-21 03:29:57">2022-08-21</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/2022/08/21/Tompost6/" title="Vue中常用的修饰符"><img src="https://pic.rmb.bdstatic.com/bjh/d94a85b170b2641b3c3f456a3b95351b.png" onerror="this.onerror=null;this.src='/img/404.jpg'" alt="Vue中常用的修饰符"/></a><div class="content"><a class="title" href="/2022/08/21/Tompost6/" title="Vue中常用的修饰符">Vue中常用的修饰符</a><time datetime="2022-08-20T19:29:57.000Z" title="发表于 2022-08-21 03:29:57">2022-08-21</time></div></div></div></div></div></div></main><footer id="footer" style="background-image: url('https://pic.rmb.bdstatic.com/bjh/df4abbc5aa599ebc331c51be1c32e580.jpeg')"><div id="footer-wrap"><div class="copyright">&copy;2022 By Tom</div><div class="framework-info"><span>框架 </span><a target="_blank" rel="noopener" href="https://hexo.io">Hexo</a><span class="footer-separator">|</span><span>主题 </span><a target="_blank" rel="noopener" href="https://github.com/jerryc127/hexo-theme-butterfly">Butterfly</a></div></div></footer></div><div id="rightside"><div id="rightside-config-hide"><button id="readmode" type="button" title="阅读模式"><i class="fas fa-book-open"></i></button><button id="darkmode" type="button" title="浅色和深色模式转换"><i class="fas fa-adjust"></i></button><button id="hide-aside-btn" type="button" title="单栏和双栏切换"><i class="fas fa-arrows-alt-h"></i></button></div><div id="rightside-config-show"><button id="rightside_config" type="button" title="设置"><i class="fas fa-cog fa-spin"></i></button><button class="close" id="mobile-toc-button" type="button" title="目录"><i class="fas fa-list-ul"></i></button><a id="to_comment" href="#post-comment" title="直达评论"><i class="fas fa-comments"></i></a><button id="go-up" type="button" title="回到顶部"><i class="fas fa-arrow-up"></i></button></div></div><div id="algolia-search"><div class="search-dialog"><nav class="search-nav"><span class="search-dialog-title">搜索</span><button class="search-close-button"><i class="fas fa-times"></i></button></nav><div class="search-wrap"><div id="algolia-search-input"></div><hr/><div id="algolia-search-results"><div id="algolia-hits"></div><div id="algolia-pagination"></div><div id="algolia-info"><div class="algolia-stats"></div><div class="algolia-poweredBy"></div></div></div></div></div><div id="search-mask"></div></div><div><script src="/js/utils.js"></script><script src="/js/main.js"></script><script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox.umd.min.js"></script><script src="https://cdn.jsdelivr.net/npm/algoliasearch/dist/algoliasearch-lite.umd.min.js"></script><script src="https://cdn.jsdelivr.net/npm/instantsearch.js/dist/instantsearch.production.min.js"></script><script src="/js/search/algolia.js"></script><script>var preloader = {
  endLoading: () => {
    document.body.style.overflow = 'auto';
    document.getElementById('loading-box').classList.add("loaded")
  },
  initLoading: () => {
    document.body.style.overflow = '';
    document.getElementById('loading-box').classList.remove("loaded")

  }
}
window.addEventListener('load',preloader.endLoading())</script><div class="js-pjax"><script>function addGitalkSource () {
  const ele = document.createElement('link')
  ele.rel = 'stylesheet'
  ele.href= 'https://cdn.jsdelivr.net/npm/gitalk/dist/gitalk.min.css'
  document.getElementsByTagName('head')[0].appendChild(ele)
}

function loadGitalk () {
  function initGitalk () {
    var gitalk = new Gitalk(Object.assign({
      clientID: '601cd01f7ce3ce1ac556',
      clientSecret: '2ba509b877c744155414cd40ef6f6e1eb9a48f48',
      repo: 'blogpl',
      owner: '2732335411',
      admin: ['2732335411'],
      id: 'f67207ce2b6929ea896aca236364c848',
      updateCountCallback: commentCount
    },null))

    gitalk.render('gitalk-container')
  }

  if (typeof Gitalk === 'function') initGitalk()
  else {
    addGitalkSource()
    getScript('https://cdn.jsdelivr.net/npm/gitalk/dist/gitalk.min.js').then(initGitalk)
  }
}

function commentCount(n){
  let isCommentCount = document.querySelector('#post-meta .gitalk-comment-count')
  if (isCommentCount) {
    isCommentCount.innerHTML= n
  }
}

if ('Gitalk' === 'Gitalk' || !false) {
  if (false) btf.loadComment(document.getElementById('gitalk-container'), loadGitalk)
  else loadGitalk()
} else {
  function loadOtherComment () {
    loadGitalk()
  }
}</script></div><script defer="defer" id="ribbon" src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/dist/canvas-ribbon.min.js" size="150" alpha="0.6" zIndex="-1" mobile="true" data-click="true"></script><script id="click-heart" src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/dist/click-heart.min.js" async="async" mobile="false"></script><script async data-pjax src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script></div><!-- hexo injector body_end start --><script data-pjax>function history_calendar_injector_config(){
                var parent_div_git = document.getElementsByClassName('sticky_layout')[0];
                var item_html = '<div class="card-widget card-history"><div class="card-content"><div class="item-headline"><i class="fas fa-clock fa-spin"></i><span>那年今日</span></div><div id="history-baidu" style="height: 100px;overflow: hidden"><div class="history_swiper-container" id="history-container" style="width: 100%;height: 100%"><div class="swiper-wrapper" id="history_container_wrapper" style="height:20px"></div></div></div></div>';
                console.log('已挂载history_calendar')
                // parent_div_git.innerHTML=item_html+parent_div_git.innerHTML // 无报错，但不影响使用(支持pjax跳转)
                parent_div_git.insertAdjacentHTML("afterbegin",item_html) // 有报错，但不影响使用(支持pjax跳转)
            }if( document.getElementsByClassName('sticky_layout')[0] && (location.pathname ==='all'|| 'all' ==='all')){

            history_calendar_injector_config()
        } </script><script data-pjax src="https://cdn.jsdelivr.net/gh/Zfour/Butterfly-card-history/baiduhistory/js/main.js"></script><script data-pjax>function electric_clock_injector_config(){
                var parent_div_git = document.getElementsByClassName('sticky_layout')[0];
                var item_html = '<div class="card-widget card-clock"><div class="card-glass"><div class="card-background"><div class="card-content"><div id="hexo_electric_clock"><img id="card-clock-loading" src="https://cdn.jsdelivr.net/gh/Zfour/Butterfly-clock/clock/images/weather/loading.gif" style="height: 120px; width: 100%;" data-ll-status="loading" class="entered loading"></div></div></div></div></div>';
                console.log('已挂载electric_clock')
                // parent_div_git.innerHTML=item_html+parent_div_git.innerHTML // 无报错，但不影响使用(支持pjax跳转)
                parent_div_git.insertAdjacentHTML("afterbegin",item_html) // 有报错，但不影响使用(支持pjax跳转)
            }if( document.getElementsByClassName('sticky_layout')[0] && (location.pathname ==='all'|| 'all' ==='all')){

            electric_clock_injector_config()
        } </script><script src="https://pv.sohu.com/cityjson?ie=utf-8"></script><script data-pjax  src="https://cdn.jsdelivr.net/gh/Zfour/hexo-electric-clock@1.0.6/clock.js"></script><script data-pjax>
  function butterfly_footer_beautify_injector_config(){
    var parent_div_git = document.getElementById('footer-wrap');
    var item_html = '<div id="workboard"></div><div id="ghbdages" style="overflow:hidden;max-height:90px;height:auto;text-align:center;margin-top:10px"><div class="swiper-wrapper"><div class="swiper-slide"><a class="github-badge" target="_blank" href="https://hexo.io/" style="margin-inline:5px" title="博客框架为Hexo_v5.4.0"><img src="https://img.shields.io/badge/Frame-Hexo-blue?style=flat&amp;logo=hexo" alt=""/></a><a class="github-badge" target="_blank" href="https://butterfly.js.org/" style="margin-inline:5px" title="主题版本Butterfly_v3.8.2"><img src="https://img.shields.io/badge/Theme-Butterfly-6513df?style=flat&amp;logo=bitdefender" alt=""/></a><a class="github-badge" target="_blank" href="https://www.jsdelivr.com/" style="margin-inline:5px" title="本站使用JsDelivr为静态资源提供CDN加速"><img src="https://img.shields.io/badge/CDN-jsDelivr-orange?style=flat&amp;logo=jsDelivr" alt=""/></a></div><div class="swiper-slide"><a class="github-badge" target="_blank" href="https://vercel.com/" style="margin-inline:5px" title="本站采用双线部署，默认线路托管于Vercel"><img src="https://img.shields.io/badge/Hosted-Vercel-brightgreen?style=flat&amp;logo=Vercel" alt=""/></a><a class="github-badge" target="_blank" href="https://vercel.com/" style="margin-inline:5px" title="本站采用双线部署，联通线路托管于Coding"><img src="https://img.shields.io/badge/Hosted-Coding-0cedbe?style=flat&amp;logo=Codio" alt=""/></a><a class="github-badge" target="_blank" href="https://github.com/" style="margin-inline:5px" title="本站项目由Github托管"><img src="https://img.shields.io/badge/Source-Github-d021d6?style=flat&amp;logo=GitHub" alt=""/></a></div><div class="swiper-slide"><a class="github-badge" target="_blank" href="http://creativecommons.org/licenses/by-nc-sa/4.0/" style="margin-inline:5px" title="本站采用知识共享署名-非商业性使用-相同方式共享4.0国际许可协议进行许可"><img src="https://img.shields.io/badge/Copyright-BY--NC--SA%204.0-d42328?style=flat&amp;logo=Claris" alt=""/></a></div></div></div><style>a.github-badge:hover:before {display:none}</style>';
    console.log('已挂载butterfly_footer_beautify')
    parent_div_git.insertAdjacentHTML("beforeend",item_html)
    }
  var elist = 'null'.split(',');
  var cpage = location.pathname;
  var epage = 'all';
  var flag = 0;

  for (var i=0;i<elist.length;i++){
    if (cpage.includes(elist[i])){
      flag++;
    }
  }

  if ((epage ==='all')&&(flag == 0)){
    butterfly_footer_beautify_injector_config();
  }
  else if (epage === cpage){
    butterfly_footer_beautify_injector_config();
  }
  </script><script async src="https://npm.elemecdn.com/hexo-butterfly-footer-beautify@1.0.0/lib/runtime.js"></script><script defer src="https://npm.elemecdn.com/hexo-butterfly-swiper/lib/swiper.min.js"></script><script defer data-pjax src="https://npm.elemecdn.com/hexo-butterfly-footer-beautify/lib/swiperbdage_init.min.js"></script><script data-pjax>
  function butterfly_swiper_injector_config(){
    var parent_div_git = document.getElementById('recent-posts');
    var item_html = '<div class="recent-post-item" style="height: auto;width: 100%"><div class="blog-slider swiper-container-fade swiper-container-horizontal" id="swiper_container"><div class="blog-slider__wrp swiper-wrapper" style="transition-duration: 0ms;"><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/12/18/Tompost9/" alt=""><img width="48" height="48" src="https://pic3.58cdn.com.cn/nowater/webim/big/n_v202b47709aefb4d7a96409b0094ec9233.jpg" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-12-18</span><a class="blog-slider__title" href="2022/12/18/Tompost9/" alt="">Linux运行javac无法找到此命令，运行class文件显示无法加载类</a><div class="blog-slider__text">linux中运行javac报错无此命令，运行class文件显示无法加载类</div><a class="blog-slider__button" href="2022/12/18/Tompost9/" alt="">详情   </a></div></div><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/09/06/Tompost8/" alt=""><img width="48" height="48" src="https://gimg2.baidu.com/image_search/src=http%3A%2F%2Fss2.meipian.me%2Fusers%2F60316599%2Feb661400-2bd7-11ea-9c18-19e1c331991e.png%3Fmeipian-raw%2Fbucket%2Fivwen%2Fkey%2FdXNlcnMvNjAzMTY1OTkvZWI2NjE0MDAtMmJkNy0xMWVhLTljMTgtMTllMWMzMzE5OTFlLnBuZw%3D%3D%2Fsign%2Fbe170899efe4bb6a194791b0573f947e.jpg&amp;refer=http%3A%2F%2Fss2.meipian.me&amp;app=2002&amp;size=f9999,10000&amp;q=a80&amp;n=0&amp;g=0n&amp;fmt=auto?sec=1665068039&amp;t=d0985dd7a1ca9ef4b6a14e3ca1e86759" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-09-06</span><a class="blog-slider__title" href="2022/09/06/Tompost8/" alt="">Python常用组件、命令大总结(转自CSDN收费资源)</a><div class="blog-slider__text">从CSDN白嫖来的付费资源，供各位CV大师门使用</div><a class="blog-slider__button" href="2022/09/06/Tompost8/" alt="">详情   </a></div></div><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/08/21/Tompost7/" alt=""><img width="48" height="48" src="https://pic.rmb.bdstatic.com/bjh/a94d99854b04dac78acf111ad32c5b53.png" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-08-21</span><a class="blog-slider__title" href="2022/08/21/Tompost7/" alt="">Vue实现用户名输入首字母检查</a><div class="blog-slider__text">检查用户名是否为字母开头，以及思路和注意的小细节。</div><a class="blog-slider__button" href="2022/08/21/Tompost7/" alt="">详情   </a></div></div><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/08/21/Tompost6/" alt=""><img width="48" height="48" src="https://pic.rmb.bdstatic.com/bjh/d94a85b170b2641b3c3f456a3b95351b.png" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-08-21</span><a class="blog-slider__title" href="2022/08/21/Tompost6/" alt="">Vue中常用的修饰符</a><div class="blog-slider__text">Vue中常用的事件修饰符，阻止冒泡、阻止默认行为、事件只触发一次，以及不常用的事件修饰符</div><a class="blog-slider__button" href="2022/08/21/Tompost6/" alt="">详情   </a></div></div><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/08/21/Tompost5/" alt=""><img width="48" height="48" src="https://pic.rmb.bdstatic.com/bjh/df4abbc5aa599ebc331c51be1c32e580.jpeg" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-08-21</span><a class="blog-slider__title" href="2022/08/21/Tompost5/" alt="">为什么越来越多的网站加入了HTTPS加密?(深入了解HTTPS)转载CSDN</a><div class="blog-slider__text">深入了解https，ssl加密原理，什么是握手等。</div><a class="blog-slider__button" href="2022/08/21/Tompost5/" alt="">详情   </a></div></div><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/08/21/Tompost4/" alt=""><img width="48" height="48" src="https://pic.rmb.bdstatic.com/bjh/d3b0a8a2a5ea2a338d913e2b86987894.jpeg" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-08-21</span><a class="blog-slider__title" href="2022/08/21/Tompost4/" alt="">NPM可用CDN整理和换源方法</a><div class="blog-slider__text">NPM更换源，以及博主整理的可用cdn。</div><a class="blog-slider__button" href="2022/08/21/Tompost4/" alt="">详情   </a></div></div><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/08/12/Tompost2/" alt=""><img width="48" height="48" src="https://pic.rmb.bdstatic.com/bjh/c4b3b6fa9078cfc91ed09feb7abb8756.png" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-08-12</span><a class="blog-slider__title" href="2022/08/12/Tompost2/" alt="">RAMmap(备用内存清理)</a><div class="blog-slider__text">解决开机内存占用大(非正常程序占用，包括开启启动项大等)，有效解决windows电脑备用内存分配不合理情况。</div><a class="blog-slider__button" href="2022/08/12/Tompost2/" alt="">详情   </a></div></div><div class="blog-slider__item swiper-slide" style="width: 750px; opacity: 1; transform: translate3d(0px, 0px, 0px); transition-duration: 0ms;"><a class="blog-slider__img" href="2022/08/03/Tompost1/" alt=""><img width="48" height="48" src="https://pic.rmb.bdstatic.com/bjh/148e2f4d50a85f82200b2570eab5e1da.jpeg" alt="" onerror="this.src=https://unpkg.zhimg.com/akilar-candyassets/image/loading.gif; this.onerror = null;"/></a><div class="blog-slider__content"><span class="blog-slider__code">2022-08-03</span><a class="blog-slider__title" href="2022/08/03/Tompost1/" alt="">Linux+Python实现录取通知书发放云端监控</a><div class="blog-slider__text">巧用编程语言来解决生活中的问题，python在服务器中监控数据是否有更新，第一时间通知到本人</div><a class="blog-slider__button" href="2022/08/03/Tompost1/" alt="">详情   </a></div></div></div><div class="blog-slider__pagination swiper-pagination-clickable swiper-pagination-bullets"></div></div></div>';
    console.log('已挂载butterfly_swiper')
    parent_div_git.insertAdjacentHTML("afterbegin",item_html)
    }
  var elist = 'undefined'.split(',');
  var cpage = location.pathname;
  var epage = 'all';
  var flag = 0;

  for (var i=0;i<elist.length;i++){
    if (cpage.includes(elist[i])){
      flag++;
    }
  }

  if ((epage ==='all')&&(flag == 0)){
    butterfly_swiper_injector_config();
  }
  else if (epage === cpage){
    butterfly_swiper_injector_config();
  }
  </script><script defer src="https://npm.elemecdn.com/hexo-butterfly-swiper/lib/swiper.min.js"></script><script defer data-pjax src="https://npm.elemecdn.com/hexo-butterfly-swiper/lib/swiper_init.js"></script><!-- hexo injector body_end end --><script src="/live2dw/lib/L2Dwidget.min.js?094cbace49a39548bed64abff5988b05"></script><script>L2Dwidget.init({"pluginRootPath":"live2dw/","pluginJsPath":"lib/","pluginModelPath":"assets/","tagMode":false,"debug":false,"model":{"jsonPath":"/live2dw/assets/hijiki.model.json"},"display":{"position":"left","width":150,"height":250},"mobile":null,"log":false});</script></body></html>